HP MSR2000/3000/4000 Router Series Security Configuration Guide
244
<RouterB> system-view
[RouterB] public-key local create rsa
The range of public key size is (512 ~ 2048).
If the key modulus is greater than 512, it will take a few minutes.
Press CTRL+C to abort.
Input the modulus length [default = 1024]:
Generating Keys...
........................++++++
...................++++++
..++++++++
............++++++++
Create the key pair successfully.
# Generate a DSA key pair.
[RouterB] public-key local create dsa
The range of public key size is (512 ~ 2048).
If the key modulus is greater than 512, it will take a few minutes.
Press CTRL+C to abort.
Input the modulus length [default = 1024]:
Generating Keys...
.++++++++++++++++++++++++++++++++++++++++++++++++++*
........+......+.....+......................................+
...+.................+..........+...+.
Create the key pair successfully.
# Enable the SSH server function.
[RouterB] ssh server enable
# Configure an IP address for Ethernet 1/1. The client uses this address as the destination for SCP
connection.
[RouterB] interface ethernet 1/1
[RouterB-Ethernet1/1] ip address 192.168.0.1 255.255.255.0
[RouterB-Ethernet1/1] quit
# Set the authentication mode of the user lines to AAA.
[RouterB] line vty 0 15
[RouterB-line-vty0-15] authentication-mode scheme
[RouterB-line-vty0-15] quit
# Create a local device management user named client001 with the plaintext password aabbcc
and the service type ssh.
[RouterB] local-user client001 class manage
[RouterB-luser-manage-client001] password simple aabbcc
[RouterB-luser-manage-client001] service-type ssh
[RouterB-luser-manage-client001] quit
# Configure an SSH user client001 with service type scp and authentication method password.
(Optional. If an SSH user is not created, password authentication is used by default.)
[RouterB] ssh user client001 service-type scp authentication-type password
2. Configure an IP address for Ethernet 1/1 on the SCP client.
<RouterA> system-view
[RouterA] interface ethernet 1/1
[RouterA-Ethernet1/1] ip address 192.168.0.2 255.255.255.0